Console-to-Code Preview: Test Drive, Bright Future
I love the idea of AWS's new Console-to-Code functionality. Join me as I try out the preview!
Published Dec 13, 2023
Every November brings excitement to the tech world with the Amazon Web Services (AWS) re:Invent conference. This year, the focus was on Generative AI (GenAI). Among the many GenAI releases was a new EC2 console feature called "Console-to-Code." This tool transforms console actions into code. I love this idea. Using this tool, newcomers can more easily adopt the best practice of using Infrastructure as Code (IaC). This tool can even help seasoned IaC professionals create new templates while adding rarely used resource types. Let's take this new feature for a test drive.
First, let's create a spot instance and get a CloudFormation template. Hmm, it did not recognize the console action of creating a new spot instance. Oh well. Let's create an on-demand instance. It did see those actions and generated the following CloudFormation YAML:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
Resources:
EC2Instance:
Type: AWS::EC2::Instance
Properties:
ImageId: ami-0230bd60aa48260c6
InstanceType: t2.micro
KeyName: mine
BlockDeviceMappings:
- DeviceName: /dev/xvda
Ebs:
Encrypted: true
DeleteOnTermination: true
Iops: 3000
KmsKeyId: arn:aws:kms:us-east-1:XXXXXXXXXXXX:key/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
SnapshotId: snap-xxxxxxxxxxxxxxxxx
VolumeSize: 8
VolumeType: gp3
Throughput: 125
NetworkInterfaces:
- AssociatePublicIpAddress: true
DeviceIndex: 0
GroupSet:
- sg-xxxxxxxxxxxxxxxxx
TagSpecifications:
- ResourceType: instance
Tags:
- Key: Name
Value: My Test
MetadataOptions:
HttpTokens: required
HttpEndpoint: enabled
HttpPutResponseHopLimit: 2
PrivateDnsNameOptions:
HostnameType: ip-name
EnableResourceNameDnsARecord: true
EnableResourceNameDnsAAAARecord: false
ClientToken: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Count: 1
SecurityGroupIngress:
Type: AWS::EC2::SecurityGroupIngress
Properties:
GroupId: sg-xxxxxxxxxxxxxxxxx
IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp: 0.0.0.0/0
SecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupName: launch-wizard-1
GroupDescription: launch-wizard-1 created 2023-12-11T17:23:59.534Z
VpcId: vpc-xxxxxxxxxxxxxxxxx
Let's save that as a YAML file and try to create an identical EC2 instance using the CloudFormation console. That attempt failed with the following:
I see the problem. "TagSpecifications:" and "- ResourceType: instance" are invalid properties. Remove those two lines and two indention levels for the "Tags:" block. Now, let's try again. Now, the CloudFormation creation failed with the following:
Let's remove the "MetadataOptions" property and the keys within and try again. Next, the CloudFormation stack creation failed with the following:
I am less concerned about this because no one should create a security group with a default name like launch-wizard-x. Let's try again. This time, it failed with the following:
"Count: 1." Where did that come from? Terraform? Remove that line and try again. Next, it failed with the following:
Remove the "ClientToken:" line and try again. Now, it failed with the following:
Remove the "Throughput:" line and try again. It worked!
I thought creating an EC2 instance with all default settings except my key pair would be a simple test of this new feature. However, after needing to fix the provided template over six iterations to deploy successfully, I conclude that this feature is unfortunately not ready to be used. It is fun to play with, though. I understand this feature is still in preview, but what can this current version successfully do? The current version is limited in scope to the EC2 console. In the EC2 console, what is more fundamental than creating an EC2 instance?
In conclusion, I love the idea of this new feature, and I greatly look forward to it being improved and expanded to other AWS services. This feature will help more customers achieve the best practice of using IaC. I cannot wait for an announcement of improvements to this service so I can take it for another test drive.
Thanks for reading!